Tag: extortion
-
Scattered Spider’s New Telegram Channel Names Targeted Organizations
A new Telegram channel that combined the names of well-known threat actor organizations Shiny Hunters, Scattered Spider, and Lapsus$ emerged on Friday afternoon in a daring uptick in cyberthreat activity. This platform, potentially short-lived due to Telegram’s moderation policies, has rapidly disseminated evidence of multiple data breaches, partial data leaks, and extortion demands within its…
-
9 things CISOs need know about the dark web
Tags: 2fa, access, ai, attack, automation, backup, blockchain, botnet, breach, captcha, ceo, ciso, communications, corporate, credentials, crypto, cyber, cybercrime, cybersecurity, dark-web, data, data-breach, ddos, deep-fake, defense, detection, dns, exploit, extortion, finance, fraud, group, guide, hacking, identity, incident, incident response, infrastructure, intelligence, international, jobs, law, leak, lockbit, malicious, malware, marketplace, mfa, monitoring, network, open-source, phishing, privacy, ransomware, resilience, risk, russia, saas, scam, service, strategy, tactics, technology, threat, tool, training, vpn, vulnerability, zero-dayNew groups form after major marketplaces are disrupted: International takedown efforts damage infrastructure and curb cybercrime operations by disrupting larger operations, removing major players from the ecosystem and scattering user bases.However, the dark web is highly adaptive and sophisticated actors often maintain contingency plans, including mirrors, backups, and alternative forums, according to Edward Currie, associate…
-
Google confirms Salesforce CRM breach, faces extortion threat
Google disclosed a Salesforce Customer Relationship Management (CRM) breach exposing data of some prospective Google Ads customers. Google confirmed a breach in a Salesforce CRM instance affecting the data of prospective Google Ads customers. The website Databreaches.net reported that the attackers have sent an extortion demand to the Tech giant. Google Threat Intelligence Group confirmed that…
-
Still Dangerous After All These Years
Ransomware isn’t dying, it’s evolving, swapping encryption for aggressive extortion as attacks and data theft hit record highs. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/ransomware-still-dangerous-after-all-these-years/
-
Unbefugter Zugriff bei einem globalen IT-Unternehmen
The Cost of a Call: From Voice Phishing to Data Extortion First seen on cloud.google.com Jump to article: cloud.google.com/blog/topics/threat-intelligence/voice-phishing-data-extortion
-
Unbefugter Zugriff bei einem globalen IT-Unternehmen
The Cost of a Call: From Voice Phishing to Data Extortion First seen on cloud.google.com Jump to article: cloud.google.com/blog/topics/threat-intelligence/voice-phishing-data-extortion
-
US confirms takedown of BlackSuit ransomware gang that racked up $370 million in ransoms
Two weeks ago, the ransomware gang’s darknet extortion sites were seized in an operation involving police from more than nine countries including Germany, France and the United Kingdom. First seen on therecord.media Jump to article: therecord.media/us-confirms-blacksuit-takedown
-
Airlines KLM and Air France Detail Customer Data Breach
ShinyHunters May Have Struck Again. Airlines Air France and KLM said they suffered a data breach involving a third-party service storing customer data. The alert comes as the ShinyHunters extortion group continues to target Salesforce-using organizations and trick them into sharing direct access to their customer data. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/airlines-klm-air-france-detail-customer-data-breach-a-29143
-
‘We too were breached,’ says Google, months after revealing Salesforce attacks
Attackers may have claimed a Google breach, too: GTIG had also disclosed extortion activities related to UNC6040 intrusions, sometimes carried out several months after the initial data theft, by another threat group, UNC6240, which identified themselves as the notorious BreachForums admin ‘ShinyHunters’.At the time, the GTIG team had presumed the claim to be a stunt…
-
Akira and Lynx Ransomware Target MSPs Using Stolen Credentials and Exploited Vulnerabilities
Tags: breach, credentials, cyber, data, defense, exploit, extortion, group, msp, ransomware, service, threat, vpn, vulnerabilityThe Acronis Threat Research Unit (TRU) dissected recent samples from the Akira and Lynx ransomware families, revealing incremental enhancements in their ransomware-as-a-service (RaaS) models and double-extortion strategies. Both groups leverage stolen credentials, VPN vulnerabilities, reconnaissance, privilege escalation, defense evasion, and data exfiltration to infiltrate systems, primarily targeting small and medium-sized businesses (SMBs) with recycled yet…
-
Ransomware groups shift to quadruple extortion to maximize pressure
Threat actors are using a new quadruple extortion tactic in ransomware campaigns, while double extortion remains the most common approach, according to Akamai. Ransomware … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/05/ransomware-extortion-tactics-quadruple-extortion/
-
US Agencies Warn of Surging Interlock Ransomware Attacks Targeting Healthcare, Businesses
Federal agencies warn of rising Interlock ransomware attacks targeting healthcare and critical sectors using double extortion and advanced social engineering. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-interlock-ransomware-healthcare-warning/
-
Dell Confirms Security Breach by Extortion Group, Calls Stolen Data ‘Fake’
Cyber extortion group World Leaks released more than 1.3TB of internal Dell data, including scripts and backups. Dell insists no sensitive customer information was exposed. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-dell-data-breach-world-leaks-ransomware/
-
SafePay Ransomware Strikes 260+ Victims Across Multiple Countries
The SafePay ransomware organization has quickly become a powerful operator since its initial detection in September 2024, marking a startling increase in the cyber threat scenario. Unlike predominant ransomware-as-a-service (RaaS) models that rely on affiliates for dissemination and profit-sharing, SafePay operates autonomously, with its core developers directly orchestrating intrusions and extortion campaigns. This self-contained approach…
-
Florida prison email blunder exposes visitor contact info to inmates
Victims fear leak at Everglades Correctional Institution could lead to violent extortion First seen on theregister.com Jump to article: www.theregister.com/2025/08/01/florida_prison_email_blunder/
-
Ransomware Gangs Leverage TrickBot Malware to Steal US $724 Million in Cryptocurrency
Ransomware affiliates associated with groups like Ryuk, Conti, and Diavol have increasingly relied on the modular TrickBot malware to facilitate sophisticated extortion campaigns, resulting in over US$724 million in cryptocurrency theft. Originally emerging in 2016 as a banking Trojan, TrickBot has transformed into a versatile malware platform that supports initial access, credential theft, and lateral…
-
Ransomware gang tells Ingram Micro, ‘Pay up by August 1’
Tags: access, attack, backup, breach, cyber, cyberattack, data, data-breach, encryption, exploit, extortion, government, group, international, Internet, law, leak, organized, ransom, ransomware, technology, tool, vpn, vulnerabilityRansomware attacks increase: In a report on ransomware released this week, researchers at Zscaler ThreatLabz said the number of organizations listed on all ransomware leak sites rose 70% in the 12 month period ending in April.A growing number of ransomware operators are abandoning encryption of data in favour of just data extortion, it noted. For…
-
ShinyHunters behind Salesforce data theft attacks at Qantas, Allianz Life, and LVMH
A wave of data breaches impacting companies like Qantas, Allianz Life, LVMH, and Adidas has been linked to the ShinyHunters extortion group, which has been using voice phishing attacks to steal data from Salesforce CRM instances. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/shinyhunters-behind-salesforce-data-theft-attacks-at-qantas-allianz-life-and-lvmh/
-
Qilin Ransomware Uses TPwSav.sys Driver to Bypass EDR Security Measures
Tags: cyber, cybercrime, data, detection, edr, endpoint, exploit, extortion, ransom, ransomware, service, tactics, vulnerabilityCybercriminals affiliated with the Qilin ransomware-as-a-service (RaaS) operation have demonstrated advanced evasion techniques by exploiting a previously undocumented vulnerable driver, TPwSav.sys, to disable Endpoint Detection and Response (EDR) systems through a bring-your-own-vulnerable-driver (BYOVD) attack. First observed in July 2022, Qilin employs double extortion tactics, exfiltrating data for leakage on dedicated sites if ransoms remain unpaid,…
-
Ransomware-Gruppen haben innerhalb eines Jahres 238 TByte an Daten gestohlen
Zscaler veröffentlicht seinen jährlichen . Ransomware-Angriffe nehmen in alarmierendem Tempo zu, was durch den Anstieg der in der Zscaler-Cloud abgewehrten Angriffsversuche im Vergleich zum Vorjahr um 146 Prozent zum Ausdruck kommt. Ransomware-Gruppen legen zudem mehr Fokus auf Erpressung als auf Verschlüsselung, denn die im Berichtszeitraum exfiltrierten Daten stiegen um 92 Prozent […] First seen on…
-
TrickBot Behind More Than $724 Million in Crypto Theft and Extortion
Akamai’s latest Ransomware Report 2025 reveals “quadruple extortion,” new AI-driven tactics by groups like Black Basta, FunkSec, and TrickBot, and growing threats to non-profits. Learn about evolving cyber threats. First seen on hackread.com Jump to article: hackread.com/trickbot-behind-724-million-crypto-theft-extortion/
-
Qilin Ransomware Gains Momentum with Legal Assistance Option for Affiliates
The Qilin ransomware gang has introduced a >>Call Lawyer>legal department
-
FBI seizes $2.4M in Bitcoin from new Chaos ransomware operation
FBI Dallas has seized almost 23 Bitcoins from a cryptocurrency address belonging to a Chaos ransomware member that is linked to cyberattacks and extortion payments from Texas companies. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-seizes-24m-in-bitcoin-from-new-chaos-ransomware-operation/
-
Chaos RaaS Emerges After BlackSuit Takedown, Demanding $300K from U.S. Victims
A newly emerged ransomware-as-a-service (RaaS) gang called Chaos is likely made up of former members of the BlackSuit crew, as the latter’s dark web infrastructure has been the subject of a law enforcement seizure.Chaos, which sprang forth in February 2025, is the latest entrant in the ransomware landscape to conduct big-game hunting and double extortion…
-
Naval Group: Hacker erpresst französischen Kriegsschiffhersteller
Der französische Schiffsbaukonzern Naval Group untersucht einen möglichen Cyberangriff. In einem Hackerforum sind militärische Daten aufgetaucht. First seen on golem.de Jump to article: www.golem.de/news/naval-group-hacker-erpresst-franzoesischen-kriegsschiffhersteller-2507-198601.html
-
Naval Group: Hacker erpresst französischen Kriegsschiffhersteller
Der französische Schiffsbaukonzern Naval Group untersucht einen möglichen Cyberangriff. In einem Hackerforum sind militärische Daten aufgetaucht. First seen on golem.de Jump to article: www.golem.de/news/naval-group-hacker-erpresst-franzoesischen-kriegsschiffhersteller-2507-198601.html
-
GLOBAL GROUP Ransomware Claims Breach of Media Giant Albavisión
GLOBAL GROUP Ransomware targets media giant Albavisión, claims 400 GB data theft as it continues hitting global sectors with advanced extortion tactics. First seen on hackread.com Jump to article: hackread.com/global-group-ransomware-media-giant-albavision-breach/
-
Chaos Ransomware Rises as BlackSuit Gang Falls
Researchers detailed a newer double-extortion ransomware group made up of former members of BlackSuit, which was recently disrupted by international law enforcement. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/chaos-ransomware-rises-blacksuit-falls
-
Interlock Ransomware Targets Healthcare in Stealth Attacks, Say U.S. Cyber Agencies
Federal agencies warn of rising Interlock ransomware attacks targeting healthcare and critical sectors using double extortion and advanced social engineering. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/security/interlock-ransomware-healthcare-warning/